VDB

GCVE-110-MAGEIA-2015-263

GCVE-110-MAGEIA-2015-263
Advisory Published
Vulnetix · Advisory published July 5, 2015
libcurl can wrongly send HTTP credentials when re-using connections. Even if the handle for an HTTP connection is reset, it retains the credentials, which can cause them to be unintentionally leaked in subsequent requests (CVE-2015-3236). libcurl can get tricked by a malicious SMB server to send off data it did not intend to. A malicious SMB server can use this to access arbitrary process memory, or to crash the client, causing a denial of service (CVE-2015-3237).

Affected Products

VendorProductVersionsPlatforms
Mageiacurl0 (affected), 7.40.0-3.1.mga5 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›